$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6807c7cb-8dc5-40ba-bf24-24c5e6e30c24.roa File: 6807c7cb-8dc5-40ba-bf24-24c5e6e30c24.roa (raw, json) Hash identifier: YjcHwP7WSVp0BgvORJGPXmpvKsII/REFgfw4NjCFj0c= Subject key identifier: 47:E3:0F:AC:FA:39:80:6D:83:D5:CD:8B:23:1E:8F:9F:A1:A2:71:F2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18EDD3C7149307C52A3891AF79285F095687CA59 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6807c7cb-8dc5-40ba-bf24-24c5e6e30c24.roa Signing time: Wed 29 Oct 2025 07:39:13 +0000 ROA not before: Wed 29 Oct 2025 07:39:13 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:ed:d3:c7:14:93:07:c5:2a:38:91:af:79:28:5f:09:56:87:ca:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:39:13 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=48c1ad950c626cd9bae2f8964d751b1c11e9dce93cb00310f89362787c529c97, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:74:a4:d2:45:8b:3b:e9:d2:4d:77:6f:32:3c: 72:14:1a:47:01:24:df:61:9b:ce:08:15:7a:3d:3a: b7:36:de:b1:b2:bf:19:78:43:2f:7e:2e:1f:87:31: e7:a0:b3:d3:5c:14:91:ad:c9:7f:01:e2:63:3a:02: 3f:9c:83:c7:45:e3:67:f7:a5:6a:46:e7:4e:98:a8: 95:42:d7:33:d1:f2:9c:e1:c7:fe:6b:05:77:1d:8e: 79:ac:c4:57:73:ab:47:66:32:ea:0b:a2:bc:2c:ee: 9a:88:c8:ff:a8:d1:08:49:6e:82:00:09:57:a7:ad: 06:7c:43:a3:a9:f3:8d:73:06:50:32:9f:17:d7:40: 47:52:ef:d8:bb:4d:98:d8:75:ce:8e:4e:27:c4:df: 6f:1f:27:2a:8d:07:c4:c0:39:18:d2:1d:1d:79:6d: 99:ba:55:9e:0c:f7:3e:56:48:a1:4b:41:2b:97:c0: b0:2a:0e:4d:85:e0:ba:25:0f:25:52:da:09:14:43: da:5f:44:2a:bc:6c:64:30:81:fa:7e:fa:8b:b7:10: 98:7e:16:e5:43:6b:9e:bb:18:eb:e9:35:f2:37:62: 32:cb:18:85:cb:e3:04:8a:c6:d5:c3:01:e1:e7:5d: 00:c0:0b:47:15:97:d0:18:29:04:7e:39:52:7e:aa: c0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:E3:0F:AC:FA:39:80:6D:83:D5:CD:8B:23:1E:8F:9F:A1:A2:71:F2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6807c7cb-8dc5-40ba-bf24-24c5e6e30c24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:1000::/40 Signature Algorithm: sha256WithRSAEncryption 36:68:89:0f:2f:b7:23:40:31:ae:f0:94:9e:19:6d:10:2e:aa: 09:95:4c:f8:8a:3b:e8:4f:4b:5e:dd:ea:60:46:7a:be:c5:27: 36:76:cf:82:87:1b:89:37:96:0c:8f:49:19:d1:85:40:08:72: 4f:2f:35:5e:ac:76:d1:bc:61:f6:0f:54:65:84:e9:8e:60:60: e3:39:1d:b4:b0:a4:18:d5:21:3e:b6:91:b9:ba:70:5f:24:64: ef:a2:bb:80:fc:8e:22:9e:88:57:3a:f2:de:98:0d:a4:dc:ee: b6:77:4c:71:eb:a4:79:e1:72:44:63:79:4f:72:c6:6b:3f:05: e6:18:14:50:2a:8f:78:98:1c:ce:87:b4:82:08:4e:b3:63:17: 7d:25:cc:27:c6:da:ea:35:aa:5d:9b:df:42:78:11:3c:16:fe: b0:e4:20:94:92:74:eb:67:16:ab:b7:78:b2:72:02:f4:92:13: ab:06:81:92:78:75:ea:38:7a:7e:1e:b3:9b:8e:71:31:88:bc: 90:0a:0c:a4:37:b0:12:d6:a0:28:77:a1:fe:77:81:63:79:fd: 0e:b6:be:82:db:cc:a0:e5:02:4c:6a:49:cf:53:f1:be:b8:52: d8:3a:15:1b:ca:09:1b:75:3d:a1:39:5d:2f:32:22:10:65:9f: 75:fa:1e:bb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGO3TxxSTB8UqOJGveShfCVaHylkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3MzkxM1oX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANDhjMWFkOTUwYzYyNmNkOWJhZTJm ODk2NGQ3NTFiMWMxMWU5ZGNlOTNjYjAwMzEwZjg5MzYyNzg3YzUyOWM5NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXSk0kWLO+nSTXdvMjxyFBpHASTf YZvOCBV6PTq3Nt6xsr8ZeEMvfi4fhzHnoLPTXBSRrcl/AeJjOgI/nIPHReNn96Vq RudOmKiVQtcz0fKc4cf+awV3HY55rMRXc6tHZjLqC6K8LO6aiMj/qNEISW6CAAlX p60GfEOjqfONcwZQMp8X10BHUu/Yu02Y2HXOjk4nxN9vHycqjQfEwDkY0h0deW2Z ulWeDPc+VkihS0Erl8CwKg5NheC6JQ8lUtoJFEPaX0QqvGxkMIH6fvqLtxCYfhbl Q2ueuxjr6TXyN2IyyxiFy+MEisbVwwHh510AwAtHFZfQGCkEfjlSfqrA6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEfjD6z6OYBtg9XNiyMej5+honHyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4MDdjN2NiLThkYzUtNDBiYS1iZjI0LTI0YzVlNmUzMGMyNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6hAwDQYJKoZIhvcNAQELBQADggEBADZoiQ8vtyNAMa7wlJ4Z bRAuqgmVTPiKO+hPS17d6mBGer7FJzZ2z4KHG4k3lgyPSRnRhUAIck8vNV6sdtG8 YfYPVGWE6Y5gYOM5HbSwpBjVIT62kbm6cF8kZO+iu4D8jiKeiFc68t6YDaTc7rZ3 THHrpHnhckRjeU9yxms/BeYYFFAqj3iYHM6HtIIITrNjF30lzCfG2uo1ql2b30J4 ETwW/rDkIJSSdOtnFqu3eLJyAvSSE6sGgZJ4deo4en4es5uOcTGIvJAKDKQ3sBLW oCh3of53gWN5/Q62voLbzKDlAkxqSc9T8b64Utg6FRvKCRt1PaE5XS8yIhBln3X6 Hrs= -----END CERTIFICATE-----Generated at Wed Nov 5 10:54:48 2025 by rpki-client